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Description 

The present invention concerns a device making it possible to 
connect a user, having, in particular, an interrogation terminal, 
through the telephone network, with a confidential data server, in 
particular a central computer capable of providing it with information 
that is not accessible to everyone. 

More particularly, the invention is applicable to the case where 
the user has a terminal, portable or not, and wishes, by means of the 
network, to be connected to a data or information source, the 
availability of which to this user may be provided only for persons 
possessing an access authorization code for this information, this 
code being provided by the user and verified by means that permit its 
connection with the server only when this code is effectively 
recognized. 

It is classic to provide, in a system of this type using a caller 
identification control, that the caller, who enters on his telephone 
line the call number of the server, be first asked to supply an access 
code, from which, once the code is identified, the connection between 
his line and the server can be established. 

It is precisely this that is provided for nearly all limited 
access data bases, where the caller first must use the keyboard 
belonging to his telephone set or his ''Minitel" device, to enter an 
secret code or password, which authorizes only his connection with the 
base requested. 
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Since it is possible to conceive that the caller's code has been 
divulged by the latter or that it has been stolen from him, in such a 
way that anyone who is thus aware of this code can wrongfully access 
the server, which is in itself particularly annoying and in certain 
cases can have very serious consequences in an interactive system 
where the caller himself introduces a priori verified command 
instructions . 

A system of this type is known by the patent US-A 4- 815 031, and 
the patent US-A 4 679 226. However, these patents do not provide 
appropriate security with respect to a fraudulent use of a 
confidential data server. 

According to these prior patents, in fact it is sufficient for 
the person perpetrating fraud to know the user' s password to be able 
to call the server and to be connected to the latter, either from an 
authorized line, or from an ordinary line if, in this case, a 
complementary code required for establishing the connection is known 
in addition to the password- 

The present application concerns a device that avoids this 
disadvantage by providing double security for the connection of a 
calling terminal with the central server, one security measure being 
performed by the entry of a given code by the user himself, as in 
classic solutions, the other being used by the server who recognizes 
the code provided and assures the connection with the caller only 
after himself having reestablished the telephone connection between 
the interrogation terminal and the data base that it comprises. 
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For this purpose, the device for connecting an interrogation 
terminal with a confidential data server, having a circuit for call 
detection performed by the intermediary of the telephone line of a 
user, occupying this line for a predetermined time, and a circuit for 
identification of a code entered by the caller, put in operation by 
the detection circuit before reaching the predetermined time, which 
then interrupts the communication emanating from the caller, is 
characterized by the fact that it also has a commutation module 
controlled by the detection and identification circuits, which 
triggers a callback module that takes the line in order to 
automatically call the caller's set and, simultaneously, to connect 
the latter to the data server, thus connecting it with the user's 
terminal. 

In accordance with another feature, the device has a monitoring 
and supervision module, capable of interrupting the line at the end of 
use, by reinitializing the system. 

Thus the invention consists in providing a connection control 
module with the server that retains in memory the telephone call 
numbers of all the authorized users, so that, after recognizing the 
access code or password, the communication is first cut until the 
module itself calls the number of the user seeking to be connected, 
after identification of this password and automatic entry of the call 
number of the authorized set. 

If the set or terminal of the caller is in limited-access or 
closed premises, to which the person attempting fraud does not 
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normally have access, it cannot be connected to the server, even if he 
uses the fraudulently acquired password. 

Therefore, in order to thwart the system, the person perpetrating 
fraud not only must have the password, but also call from the set of 
the authorized user, which confers a quasi-absolute security to this 
system. 

Other characteristics of a device in accordance with the 
invention will appear via the following description of an embodiment, 
given as indicative and non-limiting, in reference to the annexed 
drawing, on which the sole figure is a synoptic diagram of the device 
considered. 

On the figure, reference number 1 designates a user terminal, of 
a type known per se and in particular having a number keyboard, of the 
type of an ordinary telephone set, associated with a monitor screen, 
or a combined unit of the type of a "Minitel" screen, with decimal 
numbering, or preferably one called ''DTMF" (Dual Tone Modulation 
Frequency) ; this numbering may be complete, or if necessary, 
abbreviated. In all cases, this terminal is adapted to permit a 
connection of the user to the telephone network 2 in order to call, by 
the intermediary of a connection device 3 in accordance with the 
invention, a server 4 capable of providing the user with particular 
data, of a confidential nature, only when this user is authorized to 
know the data by means of the use of an appropriate identification 
code. 
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The device 3 makes it possible to avoid the connection between 
the user 1 and the server 4 being made when this code has been 
divulged accidentally, or even when it has been stolen or directly or 
indirectly made known to persons unauthorized to make this usage. 

The numbering of the server 4 by the terminal 1, triggers in the 
connection device 3 a call detector circuit 5 of a type known per se 
that, after processing of the ringing signal conveyed by the 
corresponding line of the network 2 coming to the connection device 3, 
closes a first contact of a relay 6, connecting the terminal of the 
user 1 with a commutation module 7, which in return informs the user 
that his line is taken, as in an ordinary telephone communication. 

Then the user is invited, by any appropriate means, for example 
by an audio or even vocal signal, to enter on the keyboard of his 
terminal the code that is going to make it possible to identify it, in 
particular this consisting of a series of nuinbers, in particular 
signals of specific frequencies. Then the corresponding code is 
analyzed in a detection circuit 8, and then, after comparison with a 
preregistered reference code, adapted to deliver at the output of this 
circuit an authorization signal, also admitted to the communication 
module 7 by a second relay contact 6. 

Advantageously, the call detector 5 has a timing circuit (not 
shown) capable of automatically opening the relay 6 and interrupting 
the communication with the terminal 1 when the user enters an 
appropriate code on the line and, in particular, when the detection 
circuit 8 does not send an output signal to the communication module. 
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in particular when the code introduced does not correspond to any of 
the authorized codes for all of the users of the server 4, 

On the other hand, in the case where the detection circuit 8 
delivers an output circuit to the coininutation module 7 for the 
identification of the code emitted by the user, this module is put 
under voltage so as, in turn, to deliver a command signal to a 
callback module 9 on the one hand, or to a supervision module 10 on 
the other. 

In fact, in accordance with the invention, the activation of the 
recall module 9 by the commutation module 7 will make it possible, 
after the line 2 of connection with the user terminal 1 has been 
disconnected at the end of the predetermined time, by opening the 
connection relay 6, for the server itself to call back the user. 

In these conditions, if the server 4 is called by any user, in a 
particular case having an access code possibly obtained in an 
unauthorized way, the server will assure a complementary security 
monitoring, by prohibiting a direct connection as in the classic 
solution where the statement of the access code is in itself 
sufficient, but by subordinating the connection between the user 1 and 
the server 4 to a callback operation by the latter to the telephone 
set belonging to the user and the call number of which is obviously 
distinct from the code itself assigned to this user. 

The callback module 9 thus has a memory such that, after 
identification of the code of the user by the commutation module 7, it 
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provides the module with the call number of this user, which can be 
directly entered by a keyboard 11 controlled automatically from this 
memory. 

The calling of the user's set 1 by the module 9 assures, by the 
intermediary of the relays 12 and 12', the closing of the line and the 
connection of the corresponding terminal to the server 4 by the 
intermediary of the outputs of a transformer 13, permitting them to be 
connected from that time and the user to interrogate the server as he 
wishes . 

The supervision module 10 makes it possible to continuously 
monitor the proper operation of the detection device 3, by analyzing 
the frequency of the signal issued by the commutation module 7, by 
authorizing the closing of the relay 12' making the connection of the 
user and the server, and by causing the opening of the circuit and the 
disconnection of the line at the end of the transaction. 

Thus a connection device that makes it possible to obtain a 
connection between a user and a reserved access server is obtained, 
thanks to the use of a double security, the former proceeding from the 
entry of a confidential code by the user himself, the latter by the 
fact that, once this code is analyzed and identified, the server 
himself calls back the user in order to be connected to his line, by 
using his call number, which assures the correlation with the code 
provided preliminarily. 

In these conditions, in case of unauthorized use of the access, 
the server cannot be directly connected to the caller's line. It will 
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be only after callback of the particular number of the authorized 
user, consequently requiring that the latter is served by his own set, 
which the unauthorized called could not do a priori. 

Of course, it follows that the invention is not limited to the 
example described in detail above; on the contrary, it includes all 
versions. In particular, the device by no means prevents the user 
from voluntarily switching his own line to another set corresponding 
to another call number by using the classic call transfer system. 
However, this possibility does not call into question the double 
security obtained which remains valid in all cases. 
CLAIMS 

1. A device for connecting an interrogation terminal (1) with a 
confidential data server (4), having a server call detection circuit 
(5) made by the intermediary of the telephone line (2) of a user, 
occupying this line for a predetermined time, a circuit (8) for 
identifying a code formed by the caller, put into operation by the • 
detection circuit before reaching the predetermined time, which then 
interrupts the communication coming from the caller, wherein it also 
has a commutation module (7) controlled by the detection and 
identification circuits, which releases a callback module (9) taking 
the line for automatically calling the caller's set and, 
simultaneously, connecting to the latter the data server, thus the 
connection to the user's terminal. 

2. The device in accordance with Claim 1, wherein it has a 
monitoring and supervision module (10), capable of interrupting the 
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line (2) at the end of use, by reinitializing the system. 
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